Yii 1.1: clamdscanvalidator

Validates files against ClamAV's clamd antimalware daemon
5 followers

EClamdScanValidator validates files against the clamd daemon from the ClamAV antimalware.

Requirements

  • Yii 1.1 or above.
  • PHP 5.3 or above.
  • Sockets extension and support for TCP streams.
  • ClamAV daemon (in Ubuntu you must install the clamav-daemon package) listening to a TCP port (by default 3310). You must configure clamd.conf in order to achieve this. Important configuration keys are these:

TCPSocket 3310

TCPAddr 127.0.0.1

Note that the STREAM protocol of clamd needs the client to open a "data" connection to another random TCP port in order to send the data file. You must allow this at firewall level.

It is suggested that you install the freshclam package (or include it in compilation) in order to keep virus signatures up to date.

Usage

In your rules add:

array('attachment', 'application.extensions.clamdscanvalidator.EClamdScanValidator'),

There's a number of configuration options:

  • host - Which host to connect to. Default: 'tcp://127.0.0.1' (notice the tcp:// protocol)
  • port - Port in which clamd is listening for connections. Default: 3310
  • maxStreamSize - Maximun size of a "stream" (file) to be scanned. Default: 26843545600. This is in direct relation with the StreamMaxLength value in clamd.conf
  • invalidOnError - Wheter to mark the attribute invalid in case of an error. Default: false
  • invalidOnErrorMessage - Message to dislpay on error. Default: null
  • maxFiles - Maximun number of files to be validated. Default: 1

Updates

  • 1.3 - Now you can use the placeholder "[file]" (without quotes) in you custom "message" in order to display the name of the infected file.
  • 1.2 - Bugfix.
  • 1.1 - Now you can customize the "message", including the "[virus]" placeholder (without quotes) at the place you want to include the name of the malware found. Also, some minor bug fixes are included.

Resources

Discussion and bug report.

External resources

TODO

  • Use INSTREAM in place of STREAM (help needed).
  • Better error handling.

Be the first person to leave a comment

Please to leave your comment.

Create extension